Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

Allow local users to change password

Is it possible to allow local users that use SSL VPN to change their own password?

I've tried through the SSLVPN web portal but it doesn't give me an option. I don't want to buy Forti Authenticator just for that.

I found some documents on how to create a password policy to force the change every X amount of days but now how to allow the users to change it themselves.



check this out: [link][/link]

Elthon Abreu FCNSA v5


to me this is a feature that should already be there.

I need to allow local users to change their password after login.

I'll assign them a generic password for the first login and then force a password change after they connect.



Tim Melton


System Administrator/DBA




i ran into this too - local users for VPN access, generic passwords to begin with

and a customer wish, to have them force change the password on first logon.


Any luck getting this solved?






Doing a test using the password policy did get me some of the way.

I performed a test, to see how the expiration warning looked like, setting a password policy for expire 30 and warn 30, so that the password would live 30 days, and i would start receiving the warning immediately.


Result was that i immediately received a warning - true. But the word of the warning is:

"your password has expired"

followed by 2 fields to enter a new password.

... no option to skip this for another time


so now, even tho expire timer was set to 30 days ahead, the warn timer seemed to force the user to a password reset before connecting.


I've set the warn-timer to 29 days now, and tomorrow i'll see if this simply is a bug when both timers are identical.

Warning should be a heads up to the user, that you now have xx days left to reset your password, in my humble opinion.


(i should mention, i'm running a 100F at Firmware 6.4.0 build 6025 (GA))




I bypassed the problem by using LDAP and connecting to my domain server.

So I did not look into it further.

Tim Melton


System Administrator/DBA


Hmm i quickly googled onwards, and found this one:



Hi, you can use the below link to change the password, users can change the password by themselves.